Offensive Security
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
Explore 454 curated cybersecurity tools, with 14,784+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A collection of tools that execute programs directly in memory using various delivery methods including URL downloads and netcat connections.
A collection of tools that execute programs directly in memory using various delivery methods including URL downloads and netcat connections.
steg86 is a steganographic tool that hides information within x86 and AMD64 binary executables without affecting their performance or file size.
steg86 is a steganographic tool that hides information within x86 and AMD64 binary executables without affecting their performance or file size.
A COM Command & Control framework that uses JScript to provide fileless remote access capabilities on Windows systems through a modular plugin architecture.
A COM Command & Control framework that uses JScript to provide fileless remote access capabilities on Windows systems through a modular plugin architecture.
A Linux exploit suggestion tool that identifies potential privilege escalation vulnerabilities by analyzing kernel versions and matching them against a database of known exploits.
A Linux exploit suggestion tool that identifies potential privilege escalation vulnerabilities by analyzing kernel versions and matching them against a database of known exploits.
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.
FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.
SharpEDRChecker scans system components to detect security products and tools.
SharpEDRChecker scans system components to detect security products and tools.
Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.
Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.
A collection of vulnerable ARM binaries designed for educational exploit development and vulnerability research practice across different architectures and exploitation techniques.
A collection of vulnerable ARM binaries designed for educational exploit development and vulnerability research practice across different architectures and exploitation techniques.
Pwntools is a Python CTF framework and exploit development library that provides tools for rapid prototyping and development of exploits and CTF challenge solutions.
Pwntools is a Python CTF framework and exploit development library that provides tools for rapid prototyping and development of exploits and CTF challenge solutions.
Chameleon aids in evading proxy categorization to bypass internet filters.
Chameleon aids in evading proxy categorization to bypass internet filters.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.
Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.
A vulnerable web site in NodeJS for testing security source code analyzers.
A vulnerable web site in NodeJS for testing security source code analyzers.
A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.
A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.
A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.
A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.
A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor offers a customizable reporting solution for offensive security assessments.
